We performed a comparison between Darktrace and Rapid7 InsightIDR based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Cisco, TitanHQ and others in Email Security."Defender is a SaaS platform, so it offers more flexibility. Managing the permissions is easier. The solution's automated detection and response features are scalable."
"Safe attachments, safe links, policies, and the ability to protect from zero-day threats are the most valuable features."
"The risk level notifications are most valuable. We get to know what kind of intrusion or attack is there, and we can fix a problem on time."
"The most valuable feature is the integration. It's a single console, so we don't have to switch around between multiple products. Another valuable feature is the ease of operations and maintenance."
"The email protection is excellent, especially in terms of anti-phishing policies."
"The deployment capability is a great feature."
"It also gives me good visibility because, with Defender, I'm using a Microsoft product to defend Microsoft products. The integration was really seamless and I have wide visibility because it picks up almost everything. Literally, I can see almost every activity that happens, from the e-mail to the workstation itself."
"The product is not resource-intensive."
"The most valuable feature is that it gives us visibility of rogue traffic that is on the network."
"The most valuable feature of Darktrace and the most valuable feature is the artificial intelligence module because that is the tool that determines automatically if there is any risk or not in the network."
"It is autonomous. So, it learns. It uses algorithms and AI to learn the common behavioral patterns on the network, and it is able to identify threats based on abnormal patterns."
"The initial setup is simple."
"Artificial intelligence and machine learning functionalities are valuable."
"It provides a comprehensive, detailed view of network activity and whatever is happening inside it."
"We liked their approach to identifying intrusions or network anomalies using AI."
"The most valuable feature has been the behavioral analytics that allows us to monitor all the traffic."
"I have seen that Rapid7 InsightIDR provides security to the networks and endpoints in the company."
"I am able to run automated actions based on the output of reports, leaving me extra time to focus on more pressing matters."
"The biggest reason why we chose Rapid7 was to gain value in a really quick time. Its deployment doesn't take months. It just takes a few days."
"InsightIDR’s ability to process millions of transactions per day, and to notify me of the most critical ones, is priceless. InsightIDR has the alerts tuned, and has the ability to quickly drill down to determine the threat level."
"The product works well. Stability-wise, I rate the solution a ten out of ten."
"The incident case management is the most valuable feature. Even though there's always something I find I would like to add to that feature, the ability to quickly sort through all the logs, network and endpoint data, etc., and add it to an incident case as part of the investigation, is nice. Having it automatically timeline that additional data into the original incident timeline, and correlate it to other notable events and activities on the network, results in a huge improvement in our overall confidence that we've quickly traced down the right source of an issue."
"The log aggregation and storage provided by InsightIDR has shown no issues with scalability; aggregating over one hundred millions events daily."
"Scalability-wise, I rate the solution a ten out of ten. As a cloud tool, the product is highly scalable."
"There is room for improvement in terms of reporting."
"The phishing and spam filters could use some improvement."
"It would be better if it were more scalable. It depends on the architecture, but we would like to make it more scalable for both data centers."
"There is room for improvement with the UI."
"The custom alerts have to improve a lot."
"They can improve their security in a way where a customer can know if all their attachments are safe or not to open through a report. The solution does its job perfectly, but it never reports to the customer whether those attachments have been stopped before or not."
"Microsoft security solutions work as expected. They are constantly updating the solutions to make them better. At the same time, the changes can impact a customer's environment, and we need to adjust settings. Sometimes we aren't aware of the changes, and nothing is pushed from the backend automatically."
"Several simulation options are available within 365, and the phishing simulation could be better."
"It's a very complex platform."
"Its documentation is not up to the mark. At times, I have a lot of trouble finding a solution. Even when I posted questions on the community chats, it took a lot of time for me to get answers. That's something that can be improved. Darktrace can focus on creating a more interactive community. If there are more people from Darktrace to focus on community chats, it would be better."
"I think there is some MSSP missing."
"One thing I would like is for Darktrace to flag SMB traffic more accurately. Currently, it only flags that SMB traffic has occurred, but it doesn't specify which file was being transferred. This makes it difficult to investigate incidents involving SMB traffic, as we don't have concrete evidence of what was being sent."
"It could build in integrations for some complementary products, but it has an assistant plugin so this is not really a big deal."
"It would be helpful if they could recognize incidents and simplify the customer's challenge to identify what is happening."
"I was under impression that Darktrace's automatic blocking would be an out-of-the-box feature, but we had to integrate it with our firewall to get it to block automatically. The salesperson should be upfront and explain that you need to integrate it with your network. I would also like to see more reporting on risk. Banks in my region want to see at a glance the risk level of various assets."
"Getting logs from different sources can be a challenge."
"Rapid7 doesn't integrate well with all our security tools from various vendors, so we plan to switch. Many of our solutions work with Rapid7, but some do not. We are already searching for a replacement already."
"I would like the ability to adjust the threshold of certain existing alerts. Currently the only option is to change the notifications or create my own alert."
"Rapid7 InsightIDR is not intuitive to search for logs. It should be more user-friendly and improve the dashboards. We should be able to use ready-made templates instead of having to build one."
"Cloud risk assessment is one area where I think they need a lot of improvement."
"The APIs can be further improved in Rapid7."
"Lacks a mobile application."
"Sometimes, it is hard to get the right queries to use. Currently, the tool lacks a pre-made set of queries."
"It would be useful to import threat intelligence in YARA format along with known incorrect email addresses."
More Microsoft Defender for Office 365 Pricing and Cost Advice →
Darktrace is ranked 11th in Email Security with 65 reviews while Rapid7 InsightIDR is ranked 10th in Security Information and Event Management (SIEM) with 29 reviews. Darktrace is rated 8.2, while Rapid7 InsightIDR is rated 8.4. The top reviewer of Darktrace writes "Great autonomous support, offers an easy setup, and has responsive support". On the other hand, the top reviewer of Rapid7 InsightIDR writes "An affordable product that is easy to use and has many advanced features and default templates". Darktrace is most compared with CrowdStrike Falcon, Vectra AI, SentinelOne Singularity Complete, Cortex XDR by Palo Alto Networks and Trend Micro Deep Discovery, whereas Rapid7 InsightIDR is most compared with Microsoft Sentinel, Splunk Enterprise Security, Rapid7 InsightVM, IBM Security QRadar and Microsoft Defender for Identity.
We monitor all Email Security reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.